Issuing a Certificate in Active Directory CA
This article explains how a certificate to use by ClearBox may
be issued. The requirement is that there's a certificate authority
Run certreq.exe from the command line:
Specify the location of a certificate request file (read about
creating it here) and click
OK. Select an appropriate CA from the list and click
OK. New request is sent.
Now run Certification Authority snap-in from
Administrative Tools folder. Select 'Pending Requests' item:
You will find new pending request here in the list. Before
issuing it, the necessary 'Enhanced Key Usage'
extension should be added to make this certificate suitable for
wireless authentication. Create a new text file (let's name it
eku.txt) with this single text line:
30 0a 06 08 2b 06 01 05 05 07 03 01
It means 'Server authentication' expressed in hexadecimal form.
Now run this from the command line:
certutil -setextension [request id here] 126.96.36.199 0
[request id here] you should place the
real request id (on the screenshot above, it is 14. In your system
you'll get different values).
Now you may right-click the request, select All tasks,
View attributes/Extensions... You request should have this
Right-click the request and select All tasks,
Issue. If everything was done well, you'll find this
request among Issued Certificates. Now
double-click it, select Details tab and click
Copy to File...:
Export Wizard is launched. Click Next and
select Base-64 encoded X.509:
Click Next, specify the exported certificate
file name and click Finish.
Now you may install the RADIUS server certificate as described
© 2001-2007 XPerience Technologies. www.xperiencetech.com